Delphinus Cl0p ransomware

Delphinus Engineering yesterday confirmed an October ransomware attack that affected 2,232 people. The compromised data included names, Social Security numbers, dates of birth, and passport numbers.

The attack began on October 16, 2023, but wasn’t discovered until December 12, 2023 when ransomware group Cl0p claimed responsibility. Delphinus notified affected persons on April 10, 2024 following remediation and an investigation.

Cl0p posted a proof pack of the stolen data allegedly containing employee information, incident reports, contractor’s documents, agreements, and financial data.

Comparitech contacted Delphinus for comment and will update this article if it replies.

Although Delphinus says it has no evidence the data has been misused, victims should still take steps to protect themselves. Take advantage of the free credit monitoring offered by Delphinus through Experian. Keep an eye on your taxes, account statements, and credit reports for suspicious activity.

About Delphinus Engineering

Pennsylvania-based Delphinus Engineering is a federal contractor for the US Navy. Its services include non-nuclear production support, touch labor, ship repair, submarine maintenance, engineering analysis, habitability upgrades, cargo and weapons handling, and equipment installation.

It’s website states, “Whether the mission requires design, engineering, purchasing for ship construction, conversion, and repair or ship and ship systems repair, maintenance, and modernization projects or computer programming, software engineering and development, and cyber security evaluations and accreditations, Delphinus is able to provide the services you need, when you need them.”

Delphinus employs more than 650 people.

Who is Cl0p?

Russian ransomware gang Cl0p emerged in 2019 and has launched several attacks against high-profile targets. Its targets span multiple industries including finance, healthcare, manufacturing, education, media, and businesses. It spreads its ransomware either by exploiting known vulnerabilities or through phishing.

Cl0p has claimed responsibility for 64 attacks since it opened shop, according to our data, including eight in 2023. Its victims include energy giant Shell, supermarket giant Kroger, cybersecurity firm Qualys, and several American universities.